Password mask in container leaf

YANG
1

Hi,

I am trying like

container proxy {
130                     tailf:cli-flatten-container
131                     tailf:cli-add-mode;
132                     leaf proxy-server {
133                         type oc-inet:url;
134                         description
135                             "Specifies the web proxy server endpoint for the device.";
136                             //Examples: http://192.168.10.20:3128, https://myproxy.com:3128
137                     }
138
139                     leaf proxy-username {
140                         type string;
141                         description
142                             "Specifies the username for web proxy server credentials.";
143
144                     }
145
146                     leaf proxy-password {
147                         type string;
148                         description
149                             "Specifies the password for web proxy server credentials.";
150                     }
151                 }

It’s not taking mased password

2

Can you explain what behavior you expect?

3 
 leaf proxy-server {
                    type oc-inet:url;
                    description
                        "Specifies the web proxy server endpoint for the device.";
                        //Examples:  https://myproxy.com:123
                    default none;

                }

                leaf proxy-username {
                    type string;
                    description
                        "Specifies the username for web proxy server credentials.";
                    tailf:cli-only-in-autowizard;
                    default none;
                     tailf:display-when '(../sys-lic-install:proxy-server != "none")';
                }

                leaf proxy-password {
                    type string;
                    description
                        "Specifies the password for web proxy server credentials.";
                    tailf:suppress-echo true;
                    tailf:display-when '(../sys-lic-install:proxy-server != "none")';
                    tailf:cli-only-in-autowizard;
                }
  1. proxy-server should configured “HTTP://1.2.3.4:123
  2. Need auto wizard for username
  3. Need auto wizard of password. it should be masked like “*****”
4

As far as I can tell, this behaves pretty much according to specification:

box(config-proxy-config)# proxy-server http://myproxy.com:123 proxy-username ?
Possible completions:
  <cr>
box(config-proxy-config)# proxy-server http://myproxy.com:123 proxy-username 
(<string>) (none): proxyuser
box(config-proxy-config)# proxy-password ?
Possible completions:
  <cr>
box(config-proxy-config)# proxy-password 
(<string>): *******
box(config-proxy-config)#

Is this not what you see? You may also want to use different type for password, the type string means that the password is stored (and showed) in cleartext; alternatives are digest types such as crypt-hash from iana-crypt-hash or one of symmetric encryption types from tailf-common.

5

box(config-proxy-config)# proxy-server http://myproxy.com:123 proxy-username ?
Possible completions:

box(config-proxy-config)# proxy-server http://myproxy.com:123 proxy-username
() (none): proxyuser

After this, it is supposed to be incomplete and proxy-password promote wizard should popup

6

The autowizard is automatically triggered only when you create a new list instance and its data model contains mandatory leaves. Your leaves are not mandatory and it looks to me you would have to change your data model a little bit before you can make them mandatory. And even then, there is that condition about list instance; if you really need automatic autowizard, you can work around this condition by using max-elements 1 list.